China-based campaign breached satellite, defense companies: Symantec (reuters.com)
104 points by dpcodes on June 20, 2018 | 30 comments


> It said the hackers launched their campaign from three computers on the mainland. In theory, those machines could have been compromised by someone elsewhere.

In theory? This type of reporting is concerning. Surely these reporters (as well as Symantec) ought to know that these types of attacks in theory could leave a true IP trail, but probably not.

There might be other signs that this is a Chinese operation, but IP addresses are not good proof.



There's always news of China hacking the US... Is China more competent, or do they report on it less (I'm sure the latter is true to some degree.) Is there any data on the volume of hacks on the two sides? I understand that Obama and Xi agreed to show mutual restraint, which would imply some reciprocity from the US, but to what extent?


No, they are just bad enough to get caught often enough. The USA does the same thing probably, but they are much more careful about it.

It doesn’t help that much of China’s economy is state owned, so even someone doing some espionage for a state owned enterprise would be rightfully called state sponsored.


I sure hope so, China has taken one of the least wise and darker paths these past centuries.


[flagged]


When you make obviously stupid decisions that lead to mass cannibalism like China, then you’re not wise imo.

https://www.rfa.org/english/news/china/cannibalism-112220131...

Also murdering your own citizens to harvest their organs, pretty bad imo too. https://en.m.wikipedia.org/wiki/Organ_harvesting_from_Falun_...


You can have a very low view of the Chinese Communist Party while being many things that Trump isn't, like a fierce advocate for liberal democracy and human rights and the rule of law.


You saying this is short sighted and distracts from real issues such as genocide and massive human rights violations happening around the world right now.


There would really be no incentive for China to report it. Not letting your opponent know that you know has value.


Actually I have an unpopular opinion in regards to your question on competency. The computing industry as a whole over the years has grown and morphed to the point that there’s a high level of ineptitude when it comes to basic administration of networks, servers, and services. Basic concepts of not sharing passwords, locking networks down, using TLS, least privileged access, and so much more aren’t practiced as much as they may have been (well, if at all). I’m sure there are plenty of companies and teams that do good things, but I’ve now seen, at a few companies I’ve worked at, a lax attitude and poor response to incidents that I believe has made it scary easy for a bad actor to gain access to things they shouldn’t.


Choose your type of "China" hacking:

- Chinese IP address

- IP address that links back to something China

- IP range that belongs to a Chinese cloud provider

- Chinese hacker group (admittedly most of them are reallocated in Southeast Asia)

- botnet located in mainland China

- Government sponsored action

There are so many articles directly jumping to the conclusion of the last type.


1. The Chinese government is more than capable of stopping all of the types you listed.

2. There is history of the Chinese government using its hackers to attack projects and companies it dislikes (see GitHub DDoS for a high-profile recent example).

3. The US intelligence community has stated that in many cases, the Chinese government is behind attacks. I might distrust the US intelligence community, but this is not something they need to lie about.

4. When Obama and Xi agreed that the US and China would stop infiltrating each other's networks, the breaches stopped.

There is one more thing I almost forgot to mention. The point you made is actually more applicable to Russia. Over the past decade, the Russian government has taken the approach of allowing hackers on Russian soil to operate more or less without any legal consequence so long as their attacks do not target Russian entities. When Putin talks about "patriotic individuals" being behind the hacks on the DNC, I believe him. That does not mean he (or the people around him doing his bidding) was not privy to what was going on or that those patriotic individuals did not receive suggestions on what a good target and a good strategy might be.


> 1. The Chinese government is more than capable of stopping all of the types you listed.

I don't think this is technically possible.

Or you are assuming vastly more advanced technologies possessed by Chinese government.

From what we know from Chinese tech companies and track record, I doubt this is true.

> 2. ... (see GitHub DDoS for a high-profile recent example).

Links?

> 3. The US intelligence community has stated that in many cases, the Chinese government is behind attacks. I might distrust the US intelligence community, but this is not something they need to lie about.

They have all the benefit to lie about it:

- Create fear for adversaries. It used to be USSR, now it's CCP.

- Assume the moral high-ground for their own surveillance or espionage activities, both domestically and internationally.

- Set up the stage for ever-increasing budget for their long-term survivability.

- Cover up their incompetency of guarding national secrets (the adversary is so strong that our defense is not sufficient)

These are just some random possibilities; insiders can probably give many more.

> 4. When Obama and Xi agreed that the US and China would stop infiltrating each other's networks, the breaches stopped.

Links?


> I don't think this is technically possible.

> Or you are assuming vastly more advanced technologies possessed by Chinese government.

> From what we know from Chinese tech companies and track record, I doubt this is true.

It is not technically feasible, but legal consequences serve as sufficient deterrent. Not many people in the US would carry out similar activities. It helps that just about all Chinese corporations are really state enterprises. It looked like state intervention might eventually disappear while Hu was in power, but under Xi, the CCP has gotten much more involved. No Chinese corporation will continue to steal US intellectual property if the party instructs them not to.

As for technical feasibility, if any country has the capability to detect those intrusions, it's China. All internet traffic in China passes through a government filter, and you're only allowed to move encrypted data if you're small fish and the CCP doesn't feel at all concerned about what you're doing. So they can monitor internet traffic better than any other state.

The hacks you hear about are not super advanced wizardry. It's mundane script kiddie stuff but with hundreds if not thousands of people behind it dedicating their full day to it. Our networks are full of security holes.

> They have all the benefit to lie about it: [...]

I concede those are pretty good reasons, but they would unravel sooner or later if there were no truth to them. It is true that this creates fear, that the US is trying to maintain high ground, that this keeps the IC budget growing. But that does not mean China is not hacking into American businesses. I assure you that China would have been much more indignant in fighting the charge if there were no substance to the IC claims.

What I would like you to consider is this: why would China not steal US secrets? Their economy is modernising, and this is exactly the kind of thing they need to speed that modernisation. This is not unique to China, by the way. Every young economy breaks the rules before it joins "The First World". See China's fight to keep its classification as a developing market, their currency manipulation, and how China is setting up shop in any place they can to avoid tariffs, quotas and other import restrictions. Hacking into American (and Canadian and European) businesses is not a wild suggestion -- what would be mysterious is China not hacking Western businesses.

> Links?

It's quite easy to find the stuff I mentioned earlier using a search engine.


> I concede those are pretty good reasons, but they would unravel sooner or later if there were no truth to them.

Yes, surely if you would spend billions to fight an imaginary enemy whose people have to wait in line for toilet paper, that would be something you would remember.

Man, those people in the Security Community are so incompetent, they trashed their own paper-Potemkin-adversary (Russia) by accident and now have to make up a new one.

Not even Congress would buy that more high tech is necessary to fight the Taliban.

Best would be if the US accepted that there will always be some ridiculous spending on "imagined adversaries" and chose the adversaries more by the potential tech outcome.

I'm pretty sure those Antarcticans are plotting to conquer the Asteroid belt - building energy collecting deathrays and the evil Europeans are trying to establish underwater colonies on Europa. Death to Antarctica!


> It's quite easy to find the stuff I mentioned earlier using a search engine

If you make the claims, it's on you to provide the proof, not on us to go out and search and find or not find it.



If you insist on being handed the truth, doing no research yourself, what makes you think what is then placed in your hands is the truth?


Not really, as this is not a scientific journal. You can accept or reject my claims as you wish, and you can research their factuality if you’d like.


> this is not something they need to lie about.

Of course it is, if the reporting entity is politically motivated at all.


My favorite is when the term state-sponsored hacker never applies to US actions


Equation Group, TAO, Flame, Stuxnet? There are whole books written about US state sponsored hacks, what are you talking about??


In every remotely technical report of "China" hacking, it's mostly about phishing business. 0day exploits embedded in email attachments with pdf/doc/docx. NSA shit is a whole different level.


It must be Lanxiang technical school again, China's top secret hacker army



One huge army of top hackers!


I wonder how this random post with only 14 points and one comment got to the front page


That's normal and happens all the time!


For reference, the following post is currently on the front page with 16 points and one comment:

https://news.ycombinator.com/item?id=17349519

As Dang noted, it's not unusual at all.


HN usually gives every post a chance to be on the front page. The submission volume is quite low so it works pretty well.



